From b8e407aa83f3ff4a4feea049e4ada54853b39f4d Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Mon, 7 Jan 2013 16:38:25 -0500 Subject: Increase root CA validity to 20 years Trac Ticket #466 --- base/ca/shared/conf/caCert.profile | 2 +- base/ca/shared/profiles/ca/caCACert.cfg | 4 ++-- base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java | 2 +- base/common/src/com/netscape/cms/profile/def/ValidityDefault.java | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/base/ca/shared/conf/caCert.profile b/base/ca/shared/conf/caCert.profile index 3e9c83613..4cd22bafb 100644 --- a/base/ca/shared/conf/caCert.profile +++ b/base/ca/shared/conf/caCert.profile @@ -9,7 +9,7 @@ profileSetIDMapping=caCertSet list=2,4,5,6,7,8 2.default.class=com.netscape.cms.profile.def.CAValidityDefault 2.default.name=CA Certificate Validity Default -2.default.params.range=2922 +2.default.params.range=7305 2.default.params.startTime=0 4.default.class=com.netscape.cms.profile.def.AuthorityKeyIdentifierExtDefault 4.default.name=Authority Key Identifier Default diff --git a/base/ca/shared/profiles/ca/caCACert.cfg b/base/ca/shared/profiles/ca/caCACert.cfg index a88abdf1f..36f81b53b 100644 --- a/base/ca/shared/profiles/ca/caCACert.cfg +++ b/base/ca/shared/profiles/ca/caCACert.cfg @@ -20,12 +20,12 @@ policyset.caCertSet.1.default.name=Subject Name Default policyset.caCertSet.1.default.params.name= policyset.caCertSet.2.constraint.class_id=validityConstraintImpl policyset.caCertSet.2.constraint.name=Validity Constraint -policyset.caCertSet.2.constraint.params.range=2922 +policyset.caCertSet.2.constraint.params.range=7305 policyset.caCertSet.2.constraint.params.notBeforeCheck=false policyset.caCertSet.2.constraint.params.notAfterCheck=false policyset.caCertSet.2.default.class_id=caValidityDefaultImpl policyset.caCertSet.2.default.name=CA Certificate Validity Default -policyset.caCertSet.2.default.params.range=2922 +policyset.caCertSet.2.default.params.range=7305 policyset.caCertSet.2.default.params.startTime=0 policyset.caCertSet.3.constraint.class_id=keyConstraintImpl policyset.caCertSet.3.constraint.name=Key Constraint diff --git a/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java b/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java index e3b834ce5..44ffd474f 100644 --- a/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java +++ b/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java @@ -100,7 +100,7 @@ public class CAValidityDefault extends EnrollDefault { if (name.equals(CONFIG_RANGE)) { return new Descriptor(IDescriptor.STRING, null, - "2922", /* 8 years */ + "7305", /* 20 years */ CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_RANGE")); } else if (name.equals(CONFIG_START_TIME)) { diff --git a/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java b/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java index 0c31fb0a8..b649c7076 100644 --- a/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java +++ b/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java @@ -90,7 +90,7 @@ public class ValidityDefault extends EnrollDefault { if (name.equals(CONFIG_RANGE)) { return new Descriptor(IDescriptor.STRING, null, - "2922", + "7305", CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_RANGE")); } else if (name.equals(CONFIG_START_TIME)) { -- cgit